Wikipedia:Security
From Wikipedia, the free encyclopedia
All registered users have a password which works like any login password. Passwords help ensure that someone does not masquerade as another editor. Editors should use a strong password to avoid being blocked for bad edits by someone who guesses or "cracks" other editors' passwords.
As a rule of thumb a password that is reasonably long, with a mix of upper and lowercase letters and numbers, and not mostly made up of dictionary words or names or personal information (date of birth, cat's name, etc), is likely to be reasonably strong for everyday use. However it is left up to users to decide how strong a password they wish to use beyond this.
Some actions on Wikipedia can only be carried out by privileged editors. The most common kind of privilege is adminship. It is especially important that privileged editors have strong passwords. Administrators, bureaucrats, checkusers, stewards and oversighters discovered to have weak passwords, or to have had their accounts compromised by a malicious person, may have their accounts blocked and their privileges removed on grounds of site security. In certain circumstances, the revocation of privileges may be permanent. Discretion on resysopping temporarily desysopped administrators is left to the bureaucrats, provided they can determine that the administrator is back in control of the previously compromised account.
Although the definition of "strong password" is deliberately left unspecified, privileged editors are required to use strong passwords and are informed that the developers will occasionally try to crack their passwords and disable those that can be cracked.
For advice on personal security, including passwords, see Wikipedia:Personal security practices and Keys to a Strong Password.